Sign-up

ID

VAR-201910-0309


CVE

CVE-2019-6474


TITLE

ISC Kea DHCP Input Validation Error Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2020-03750 // CNNVD: CNNVD-201909-378

DESCRIPTION

A missing check on incoming client requests can be exploited to cause a situation where the Kea server's lease storage contains leases which are rejected as invalid when the server tries to load leases from storage on restart. If the number of such leases exceeds a hard-coded limit in the Kea code, a server trying to restart will conclude that there is a problem with its lease store and give up. Versions affected: 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2. ISC (Internet Systems Consortium) Provided by Kea DHCP The server has a service disruption (DoS) Vulnerabilities exist. Kea DHCP The server contains several vulnerabilities: * DHCPv6 Malformed format when operating on server DUID With packets containing Kea DHCPv6 server process (kea-dhcp6) Ends - CVE-2019-6472 * DHCPv4 While operating on the server hostname Depending on options assertion failure Occurs, Kea DHCPv4 server process (kea-dhcp4) Ends - CVE-2019-6473 * As a storage location for lease information memfile Is specified, if invalid lease information is stored in the storage more than a certain number Kea Server cannot be restarted - CVE-2019-6474Service disruption by a third party who can access the network to which the product is connected (DoS) An attack may be carried out. ISC Kea DHCP is an open source DHCP (Dynamic Host Configuration Protocol) server from the American ISC Corporation. An input validation error vulnerability exists in ISC Kea DHCP versions 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2. The vulnerability stems from a network system or product that did not properly validate the input data

Trust: 2.16

sources: NVD: CVE-2019-6474 // JVNDB: JVNDB-2019-008546 // CNVD: CNVD-2020-03750

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-03750

AFFECTED PRODUCTS

vendor:iscmodel:keascope:gteversion:1.4.0

Trust: 1.0

vendor:iscmodel:keascope:lteversion:1.5.0

Trust: 1.0

vendor:iscmodel:keascope:eqversion:1.6.0

Trust: 1.0

vendor:iscmodel:keascope:eqversion:1.4.0 to 1.5.0

Trust: 0.8

vendor:iscmodel:keascope:eqversion:1.6.0-beta1

Trust: 0.8

vendor:iscmodel:keascope:eqversion:1.6.0-beta2

Trust: 0.8

vendor:iscmodel:kea dhcpscope:gteversion:1.4.0,<=1.5.0

Trust: 0.6

vendor:iscmodel:kea dhcp 1.6.0-beta1scope: - version: -

Trust: 0.6

vendor:iscmodel:kea dhcp 1.6.0-beta2scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2020-03750 // JVNDB: JVNDB-2019-008546 // NVD: CVE-2019-6474

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-6474
value: MEDIUM

Trust: 1.0

security-officer@isc.org: CVE-2019-6474
value: MEDIUM

Trust: 1.0

CNVD: CNVD-2020-03750
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201909-378
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2019-6474
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2020-03750
severity: HIGH
baseScore: 7.3
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2019-6474
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

security-officer@isc.org: CVE-2019-6474
baseSeverity: MEDIUM
baseScore: 5.7
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.1
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2020-03750 // CNNVD: CNNVD-201909-378 // NVD: CVE-2019-6474 // NVD: CVE-2019-6474

PROBLEMTYPE DATA

problemtype:CWE-772

Trust: 1.0

sources: NVD: CVE-2019-6474

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201909-378

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201909-378

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-008546

PATCH
title:CVE-2019-6472: A packet containing a malformed DUID can cause the kea-dhcp6 server to terminateurl:https://kb.isc.org/docs/cve-2019-6472
Trust: 0.8
title:CVE-2019-6473: An invalid hostname option can cause the kea-dhcp4 server to terminateurl:https://kb.isc.org/docs/cve-2019-6473
Trust: 0.8
title:CVE-2019-6474: An oversight when validating incoming client requests can lead to a situation where the Kea server will exit when trying to restarturl:https://kb.isc.org/docs/cve-2019-6474
Trust: 0.8
title:Patch for ISC Kea DHCP Input Validation Error Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/199061
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-03750 // 
            
            
            
            JVNDB: JVNDB-2019-008546

EXTERNAL IDS
db:NVDid:CVE-2019-6474
Trust: 3.0
db:JVNid:JVNVU93863470
Trust: 0.8
db:JVNDBid:JVNDB-2019-008546
Trust: 0.8
db:CNVDid:CNVD-2020-03750
Trust: 0.6
db:CNNVDid:CNNVD-201909-378
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-03750 // 
            
            
            
            JVNDB: JVNDB-2019-008546 // 
            
            
            
            CNNVD: CNNVD-201909-378 // 
            
            
            
            NVD: CVE-2019-6474

REFERENCES
url:https://kb.isc.org/docs/cve-2019-6474
Trust: 1.6
url:https://nvd.nist.gov/vuln/detail/cve-2019-6474
Trust: 1.4
url:https://vigilance.fr/vulnerability/kea-dhcp-three-vulnerabilities-30273
Trust: 1.2
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6474
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6472
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6473
Trust: 0.8
url:https://jvn.jp/vu/jvnvu93863470
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2019-6472
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2019-6473
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2020-03750 // 
            
            
            
            JVNDB: JVNDB-2019-008546 // 
            
            
            
            CNNVD: CNNVD-201909-378 // 
            
            
            
            NVD: CVE-2019-6474

SOURCES
db:CNVDid:CNVD-2020-03750
db:JVNDBid:JVNDB-2019-008546
db:CNNVDid:CNNVD-201909-378
db:NVDid:CVE-2019-6474

LAST UPDATE DATE
2024-11-23T22:11:48.957000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-03750date:2020-02-05T00:00:00
db:JVNDBid:JVNDB-2019-008546date:2019-12-02T00:00:00
db:CNNVDid:CNNVD-201909-378date:2020-08-25T00:00:00
db:NVDid:CVE-2019-6474date:2024-11-21T04:46:31.230

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-03750date:2020-02-05T00:00:00
db:JVNDBid:JVNDB-2019-008546date:2019-09-03T00:00:00
db:CNNVDid:CNNVD-201909-378date:2019-09-09T00:00:00
db:NVDid:CVE-2019-6474date:2019-10-16T18:15:37.217